The KEYS file has been pushed to https://dist.apache.org/repos/dist/release/incubator/pirk/
On Sat, Aug 13, 2016 at 4:08 PM, Josh Elser <[email protected]> wrote: > I'm realizing that I'm a bone-head and you didn't actually stage anything > yet :) Too much coffee and not enough close-reading. Sorry for the spam. > Hopefully some of it was helpful too. > > One more thing just to make sure, you should use > https://dist.apache.org/repos/dist/dev/incubator/pirk/ for your #2 point > until the vote passes (referencing files directly from nexus is OK too). A > simple `svn mv` can be done over to dist/release after that to "promote" > the artifacts to the ASF mirrors. > > > Josh Elser wrote: > >> Hi Ellison Anne, >> >> A couple of issues before getting to verifying the artfiacts: >> >> * Can you please add the SHA1 for the git hash that the source-release >> was built from? This is an important verification (I can see the point >> in the repository which this code was built from). >> >> * The KEYS file for Pirk is missing: >> https://dist.apache.org/repos/dist/release/incubator/pirk/KEYS (feel >> free to copy a template from another project in dist.a.o). You should >> have your key in there so we know what you used to sign the release. >> It's also convenient to include the fingerprint of your key in the VOTE >> (although I don't think that's a requirement). >> >> I think that's all for now :). IMO, you can add a KEYS file and just >> sent the SHA1 for the commit without having to cancel+re-VOTE. >> >> Ellison Anne Williams wrote: >> >>> Hi All, >>> >>> After some hiccups last night getting the pom ready for release >>> (thanks for >>> fixing it Suneel!), we can now proceed with release voting. After we get >>> through our first release, our initial process will be documented on the >>> website for ease of access. In the future, we will send 'true' VOTE >>> emails >>> without all of the extra commentary. >>> >>> [Mentors: Please correct any info/process that I have gotten wrong >>> below - >>> thanks!] >>> >>> Following some of the best practice guidelines, let's hold our internal >>> release Pirk vote in two stages: >>> >>> 1) Vote-1 to approve the 0.1.0 candidate release branch >>> >>> If that passes, then... >>> >>> 2) Vote-2 to approve the resulting files listed below, which will be >>> posted >>> at ' >>> https://dist.apache.org/repos/dist/release/incubator/pirk/pi >>> rk-0.1.0-incubating' >>> >>> for the release: >>> >>> - apache-pirk-0.1.0-incubating-source-release.tar.gz >>> - apache-pirk-0.1.0-incubating-source-release.tar.gz.asc >>> - apache-pirk-0.1.0-incubating-source-release.tar.gz.md5 >>> - apache-pirk-0.1.0-incubating-source-release.tar.gz.sha1 >>> >>> Once Vote-1 closes with +1 from at least 3 Pirk PPMC members, we will >>> move >>> on to Vote-2. After Vote-2 passes, we can move to call a Pirk release >>> vote >>> with the IPMC. Once the IPMC vote passes, we can push the first Pirk >>> maven >>> artifact. >>> >>> I have tagged all JIRAs completed for this release with 'FixVersion = >>> 0.1.0'. You can view them here: >>> https://issues.apache.org/jira/browse/PIRK-47?jql=project% >>> 20%3D%20PIRK%20AND%20fixVersion%20%3D0.1.0 >>> >>> >>> The following steps were used to prepare the branch (some Apache projects >>> have nice scripts to automate some of these checks -- we should consider >>> using one too): >>> >>> - Verified the items Release Checklist (below, except for the checksums >>> and signatures for the branch cut) >>> - mvn clean release:clean >>> - mvn release:prepare -Darguments="-DskipTests" (new version: >>> 0.1.0-incubating; SCM: apache-pirk-0.1.0-incubating; new dev version: >>> 0.1.1-SNAPSHOT) >>> - mvn -Psigned_release release:perform -DdryRun=true >>> -Darguments="-DskipTests" >>> >>> where 'signed_release' is defined in the maven settings.xml file as in >>> Suneel's example here: >>> https://gist.github.com/smarthi/ac1b5058f05ab17d2f84862940ec4eba >>> >>> Please vote as follows: >>> >>> +1 -- Accept this candidate release branch >>> -1 -- Don't accept this candidate release branch because.... >>> >>> This vote will run for 72 hours. >>> >>> Thanks! >>> >>> Ellison Anne >>> >>> _____ >>> >>> Release Checklist: >>> >>> - Checksums and PGP signatures are valid. >>> - Build is successful including automated tests. >>> - DISCLAIMER is correct, filenames include "incubating". >>> - Top-level LICENSE and NOTICE are correct >>> - All source files have license headers where appropriate, RAT checks >>> pass >>> - The provenance of all source files is clear (ASF or software grants) >>> - Dependencies licenses are ok as per http://apache.org/legal/ >>> - Release consists of source code only, no binaries. >>> >>> Apache Release Documentation: >>> >>> - Apache Release Guide: http://www.apache.org/dev/release-publishing >>> - Apache Release Policy: http://www.apache.org/dev/release.html >>> - Apache Incubator Release Guidelines: http://incubator. >>> apache.org/guides/releasemanagement.html >>> <http://incubator.apache.org/guides/releasemanagement.html> >>> - Apache Incubator Release Policy: http://incubator. >>> apache.org/incubation/Incubation_Policy.html#Releases >>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Releases> >>> - For Maven Release: http://www.apache.org/dev/publishing-maven- >>> artifacts.html >>> >>>
